DNS Gurus
Cached · just now
12 directives

Content-Security-Policy

No enforced CSP headers found.

Content-Security-Policy-Report-Only

default-src Keyword
'self'
default-src Host
https://www.doit.com
ASN | Cloudflare
default-src Host
https://doit.com
ASN | Cloudflare
script-src Keyword
'self'
script-src Keyword
'unsafe-inline'
script-src Keyword
'unsafe-eval'
script-src Host Google Tag Manager logo Google Tag Manager
https://www.googletagmanager.com
ASN | Google
script-src Host Google Analytics logo Google Analytics
https://www.google-analytics.com
ASN | Google
script-src Host Microsoft Clarity logo Microsoft Clarity
https://www.clarity.ms
ASN | Microsoft
script-src Host Microsoft Clarity logo Microsoft Clarity
https://*.clarity.ms
ASN | Microsoft
script-src Host Hotjar logo Hotjar
https://static.hotjar.com
ASN | Amazon
script-src Host Hotjar logo Hotjar
https://script.hotjar.com
ASN | Amazon
script-src Host HubSpot Forms logo HubSpot Forms
https://js.hsforms.net
ASN | Cloudflare
script-src Host HubSpot logo HubSpot
https://js.hs-scripts.com
ASN | Cloudflare
script-src Host HubSpot Analytics logo HubSpot Analytics
https://js.hs-analytics.net
ASN | Cloudflare
script-src Host HubSpot logo HubSpot
https://js.hubspot.com
ASN | Cloudflare
script-src Host HubSpot logo HubSpot
https://js.hs-banner.com
ASN | Cloudflare
script-src Host HubSpot logo HubSpot
https://*.hubspot.com
ASN | Cloudflare
script-src Host HubSpot Forms logo HubSpot Forms
https://*.hsforms.com
script-src Host HubSpot logo HubSpot
https://*.hs-scripts.com
script-src Host HubSpot Analytics logo HubSpot Analytics
https://*.hs-analytics.net
connect-src Keyword
'self'
connect-src Host
https://www.doit.com
ASN | Cloudflare
connect-src Host
https://doit.com
ASN | Cloudflare
connect-src Host Google Analytics logo Google Analytics
https://*.google-analytics.com
ASN | Google
connect-src Host Google Analytics logo Google Analytics
https://*.analytics.google.com
ASN | Google
connect-src Host Microsoft Clarity logo Microsoft Clarity
https://*.clarity.ms
ASN | Microsoft
connect-src Host Hotjar logo Hotjar
https://*.hotjar.com
ASN | Amazon
connect-src Host HubSpot logo HubSpot
https://*.hubspot.com
ASN | Cloudflare
connect-src Host HubSpot Forms logo HubSpot Forms
https://*.hsforms.com
connect-src Host HubSpot Analytics logo HubSpot Analytics
https://*.hs-analytics.net
img-src Keyword
'self'
img-src Scheme
data:
img-src Scheme
blob:
img-src Scheme
https:
font-src Keyword
'self'
font-src Scheme
data:
font-src Host Google Fonts logo Google Fonts
https://fonts.gstatic.com
ASN | Google
style-src Keyword
'self'
style-src Keyword
'unsafe-inline'
style-src Host Google Fonts logo Google Fonts
https://fonts.googleapis.com
ASN | Google
frame-src Keyword
'self'
frame-src Host YouTube logo YouTube
https://www.youtube.com
ASN | Google
frame-src Host YouTube logo YouTube
https://*.youtube-nocookie.com
ASN | Google
frame-src Host HubSpot logo HubSpot
https://*.hubspot.com
ASN | Cloudflare
frame-src Host HubSpot Forms logo HubSpot Forms
https://forms.hsforms.com
ASN | Cloudflare
object-src Keyword
'none'
base-uri Keyword
'self'
form-action Keyword
'self'
form-action Host HubSpot Forms logo HubSpot Forms
https://*.hsforms.com
form-action Host HubSpot Forms logo HubSpot Forms
https://forms.hsforms.com
ASN | Cloudflare
frame-ancestors Keyword
'self'
report-to Host
default